The present invention relates to a data processing apparatus, a data processing method, and a program providing medium. More particularly, the present invention relates to such a data processing apparatus, such a data processing method, and such a program providing medium which respectively generate verifying values for verifying the integrity of contents data for storage in a memory device in correspondence with individual contents data, and then check to probe actual occurrence or absence of the act of tampering with the contents data by applying the verifying values which are independently generated per category of contents data, whereby higher efficiency is realized in the process of probing the act of tampering with the contents data.
Recently, there has been a further growth of distribution of so-called “contents data” via a wide variety of software data including music data, game programs, picture data, or the like, which are respectively transmitted via internet service lines, or via distributable recording media including a memory card, a DVD (Digital Versatile Disc), or CD (Compact Disc), or the like, for example.
Any of those distributed contents data is reproduced via users personal computers, reproduction devices, or game players via reception, or via such recording media including a memory card, a CD, or a DVD loaded in any of those means cited above. In addition, the above contents data are also reproducibly stored in a reproduction device and a recording medium stored in a personal computer such as a memory card or a hard disc for example.
Any of the above-cited reproduction devices, game players, and information device such as personal computers incorporates an interface device for receiving distributed contents data or for accessing a DVD and a CD and further incorporates a controlling means required for reproducing contents data, and yet, also incorporates a RAM (Random Access Memory) and a ROM (Read Only Memory) for storing programs and a variety of data.
Based on the user's instruction via the reproduction device, the game player, or the information device such as the personal computer or the user's instruction via a connected input means, a wide variety of contents data such as music data, picture data, or programs are individually output from a built-in or detachable recording medium and then reproduced by a data reproducing apparatus or via a connected display device or speaker units.
Conventionally, the rights of distribution for game programs, music data, picture data, or the like, are reserved by corresponding producers and marketing agents. Accordingly, whenever distributing contents data, only restricted proper users are authorized to utilize the contents data so that unauthorized duplication will not be committed. In other words, it is a conventional practice to establish such a safeguard to ensure security.
A process for ciphering distributable contents data constitutes such a practical means to restrain users from utilizing the contents data. Concretely, the ciphering method distributes a variety of contents data comprising ciphered audio data, picture data, game programs, or the like, via internet service lines for example, and in addition, it also enables only those who are authenticated as proper users to decode the distributed ciphered contents data. In other words, only those verified users are entitled with reception of the decoding key.
Ciphered data can properly be restored into practically usable decoded data, i.e., a plain text, solely after completing such a decoding process in accordance with a predetermined procedure. These processes for ciphering data via a ciphering process and decoding data via a decoding method and the process are conventionally well known.
Of those various kinds in the method for ciphering and decoding data by applying a ciphering key and a decoding key, there is such a method so-called common key ciphering system, for example. This common key ciphering system effects ciphering of data and decoding of data by applying a common key. This system provides verified proper users with the common key for ciphering and decoding receivable data whereby preventing unverified users devoid of the common key from improperly accessing data. A typical one of the common key ciphering system is cited as the DES (Data Encryption Standard).
Such a ciphering key and a decoding key usable for the above cited ciphering and decoding processes can be secured by applying a mono-directional function such as a Hash function based on a certain pass-word for example. Such mono-directional function involves an extreme difficulty to compute an input value inversely from an output value. For example, based on an input pass-word predetermined by a user, by applying the mono-directional function and a resultant output value, a ciphering key and a decoding key are respectively generated. On the other hand, it is practically impossible to identify the above-referred pass-words as the original data from the ciphering and decoding keys generated via the above process.
There is a so-called open key ciphering process which utilizes such an algorithm based on such a ciphering process with a ciphering key and such a decoding process with a decoding key being different algorithm from each other. The open key ciphering process utilizes such an open key commonly usable by unspecified users. This ciphering method ciphers a document addressed to a specific individual by applying an open key issued by this specific individual. The document ciphered by this open key can be decoded solely by applying a secrete key corresponding to this open key used for ciphering this document. Inasmuch as the secrete key is reserved by such a specific individual who issued the open key, the document ciphered by the open key can exclusively be decoded by a specific individual reserving the secrete key. The RSA (Rivest Shamir Adleman) ciphering code is cited as the typical system of the open key ciphering method cited above. By way of utilizing the open key ciphering method, it is possible to set up such a system enabling ciphered contents data to be decoded exclusively for the verified proper users.
Conventionally, such a process for verifying integrity of contents data is executed by way of the following: In order to probe that there is no act of tampering with contents data, checking values for verification are generated based on a proper contents data and then stored in a memory in advance. Whenever utilizing the contents data, such a checking value generated based on the data requiring verification is compared to the checking values stored in the memory.
However, relative to the increase of the number of the contents data stored in the memory, it entails such a difficulty to generate checking values for verification based on proper contents data and another difficulty to properly store and control them. In particular, in the case of such a recording medium incorporating substantial storage capacity such as a memory card using a flash memory available today, a large volume of contents data including various categories comprising music data, picture data, program data, or the like, is jointly stored in the memory. In such a complex environment, it is quite difficult to properly control processes for generating, storing, and utilizing the above referred checking values for probing the act of tampering with contents data. When generating such checking values for probing the integrity of the whole data in the storage, it necessitates generation of such checking values for probing the whole data in the storage. For example, when executing such a process for computing an integrity checking value (ICV) by applying message authentication codes (MAC) generated via DES CBC mode for example, it is necessary to execute the DES CBC process to deal with the whole data in the storage. Since the longer the data length is, the greater the volume to be computed becomes, whereby raising a problem in terms of processing efficiency.